[Dovecot] a strange doveadm behavior

fakessh @ fakessh at fakessh.eu
Fri Apr 8 17:51:09 EEST 2011


hi timo
hi dovecot's guru

and specify how the various users with doveadm

my dovecot -n
~]# /usr/sbin/dovecot -n
# 2.0.11: /etc/dovecot/dovecot.conf
# OS: Linux 2.6.32.2-xxxx-grs-ipv6-32 i686 CentOS release 5.5 (Final) 
auth_mechanisms = plain login
base_dir = /var/run/dovecot/
lda_mailbox_autocreate = yes
lda_mailbox_autosubscribe = yes
listen = [::]
log_path = /var/log/maillog
log_timestamp = %Y-%m-%d %H:%M:%S
login_log_format_elements = user=<%u> method=%m rip=%r lip=%l %c
mail_location = maildir:~/Maildir
mail_max_userip_connections = 20
managesieve_notify_capability = mailto
managesieve_sieve_capability = comparator-i;octet
comparator-i;ascii-casemap fileinto reject envelope encoded-character
vacation subaddress comparator-i;ascii-numeric relational regex
imap4flags copy include variables body enotify environment mailbox date
spamtest spamtestplus virustest
namespace {
  inbox = yes
  location = 
  prefix = 
  separator = .
}
passdb {
  driver = pam
}
plugin/autocreate = Trash
plugin/autocreate2 = Junk
plugin/autocreate3 = Sent
plugin/autocreate4 = Drafts
plugin/autosubscribe = Trash
plugin/autosubscribe2 = Junk
plugin/autosubscribe3 = Sent
plugin/autosubscribe4 = Drafts
plugin/plugin = autocreate managesieve  sieve
plugin/sieve = ~/.dovecot.sieve
plugin/sieve_before = /var/sieve-scripts/roundcube.sieve
plugin/sieve_dir = ~/sieve
plugin/sieve_global_path = whatever
protocols = sieve imap pop3
service auth {
  unix_listener /var/spool/postfix/private/auth {
    group = postfix
    mode = 0600
    user = postfix
  }
  unix_listener auth-master {
    mode = 0666
  }
  unix_listener auth-userdb {
    mode = 0666
  }
  vsz_limit = 64 M
}
service imap-login {
  inet_listener imap {
    port = 0
  }
  inet_listener imaps {
    address = * , [::]
    port = 993
  }
  process_limit = 128
  vsz_limit = 64 M
}
service imap {
  client_limit = 1
  service_count = 0
}
service managesieve-login {
  inet_listener managesieve-login {
    address = *
    port = 2000
  }
  process_limit = 128
  vsz_limit = 64 M
}
service pop3-login {
  inet_listener pop3 {
    port = 0
  }
  inet_listener pop3s {
    address = * , [::]
    port = 995
  }
  process_limit = 128
  vsz_limit = 64 M
}
ssl_ca = </etc/pki/tls/certs/root.crt
ssl_cert = </etc/pki/tls/certs/r13151.ovh.net.crt
ssl_key = </etc/pki/tls/private/r13151.ovh.net.key
ssl_verify_client_cert = yes
userdb {
  driver = passwd
}
version_ignore = yes
protocol imap {
  imap_client_workarounds = delay-newmail tb-extra-mailbox-sep
  imap_max_line_length = 64 k
  mail_plugins = autocreate
}
protocol pop3 {
  mail_plugins = autocreate
  pop3_client_workarounds = outlook-no-nuls oe-ns-eoh
  pop3_logout_format = top=%t/%p, retr=%r/%b, del=%d/%m, size=%s
}
protocol lda {
  hostname = r13151.ovh.net
  mail_plugins = autocreate  sieve
  postmaster_address = postmaster at fakessh.eu
  sendmail_path = /usr/lib/sendmail
}
protocol sieve {
  managesieve_implementation_string = dovecot
  managesieve_logout_format = bytes ( in=%i : out=%o )
  managesieve_max_line_length = 65536
}

i use 
~]# rpm -qa | egrep dovecot
dovecot-pigeonhole-0.2.2-15.el5
dovecot-2.0.11-1_126.el5
dovecot-managesieve-0.2.2-15.el5


Le vendredi 08 avril 2011 à 16:11 +0300, Timo Sirainen a écrit :
> On Wed, 2011-04-06 at 19:37 +0200, fakessh @ wrote:
> 
> > doveadm(fakessh): Error: userdb lookup:
> > connect(/var/run/dovecot//auth-userdb) failed: Permission denied
> > (euid=514(fakessh) egid=100(users) missing +r
> > perm: /var/run/dovecot//auth-userdb, euid is not dir owner)
> ..
> > [root at r13151 ~]# chmod og+w  /var/run/dovecot/auth-userdb
> 
> For a more permanent solution you can set:
> 
> service auth {
>   unix_listener auth-userdb {
>     mode = 0666
>   }
> }
> 
> > [fakessh at r13151 ~]$ doveadm expunge -A mailbox Trash savedbefore 30d
> > doveadm(dkimproxy): Fatal: seteuid(0) failed: Operation not permitted
> > [fakessh at r13151 ~]$ 
> 
> You have multiple users with different UIDs, right? You need to run
> doveadm as root then, so that it can change the UID when needed (and
> then you don't also need to change the permissions above).
> 
> 
-- 
gpg --keyserver pgp.mit.edu --recv-key 092164A7
http://pgp.mit.edu:11371/pks/lookup?op=get&search=0x092164A7
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: Ceci est une partie de message
	=?ISO-8859-1?Q?num=E9riquement?= =?ISO-8859-1?Q?_sign=E9e?=
Url : http://dovecot.org/pipermail/dovecot/attachments/20110408/cf1bd150/attachment.bin 


More information about the dovecot mailing list